...

  • Checking that the code complies with the configured security and quality model set or rules.
  • Checking whether the implemented code and the architecture are aligned: application of the best practices required when using an application framework, whether isolation between layers is observed...
  • Determining whether there are potential defects to be reviewed (poorly expressed logical conditions, synchronization failures between threads or race conditions, resource/potential memory leaks...).

...

Kiuwan indicators are metrics calculated from evidence (which we call 'defects') that Kiuwan extracts from source code with its analyzers.
They give an indication of:

  • Some software quality characteristic, such as: Efficiency, Maintainability, Reliability, Security or Portability.
  • The Overall Quality Global Index, obtained from a weighted formula over the software quality characteristics mentioned above.
  • The Risk associated with the structural quality of the software.
  • The Effort to target, or the number of hours needed to achieve the quality set as the target of the application being analyzed.

...

The Risk index represents the potential problems that you are accepting by not paying attention to the security and quality of your source code. In other words: how far you are from reaching an acceptable level.
It is a number that concentrates all the evidence found in the source code of your application.
It uses your quality indicator and the effort that you need to spend to reach the level set as your goal.
So, if you have poor quality but the effort needed to improve is low, you are not assuming a high risk in this application, because you can repair your problems easily. But if the effort needed to improve is very high, your risk index will be high too.
Pay attention to how the risk index evolves over time.

...

Kiuwan provides a library of hundreds of rules that verify standards compliance for the supported technologies, with extensive configuration capabilities (see the User's Guide chapter for details).
From this library, users can use the Kiuwan Standard Quality Model, called CQM, or build new, specific quality models, either from it or from scratch.

...